If you use the Symantec Web Gateway proxy, you can route outbound HTTP traffic and HTTPS traffic through a Symantec Data Loss Prevention (DLP) server. The Symantec DLP server discovers, monitors, and protects confidential data. The Symantec DLP server must run Network Prevent for Web version 11.0 or later.
The connection to Symantec DLP is fail open. If there is a communication problem between Symantec Web Gateway and Symantec DLP, network traffic bypasses Symantec DLP without inspection.
When you configure the Symantec DLP server, carefully consider the value that you specify on the Configure Server page under Request Filtering for the option Ignore Requests Smaller Than. If you set the value too high, Symantec Web Gateway may ignore potentially important files. Symantec Web Gateway still sends the request, but the DLP server does not inspect it.
For more information, see your Symantec Data Loss Prevention server documentation.
You must check Enable HTTP/S Proxy or SSL Deep Inspection for the Enable DLP option to appear.
In the Web GUI, on the Administration > Configuration > Proxy tab, under Symantec DLP Network Prevent Settings, click Enable DLP.
In the DLP Session Timeout box, type the number of seconds that the Symantec DLP server session remains idle. After this timeout period, Symantec Web Gateway disconnects the session. Symantec Web Gateway re-establishes the connection when another request is made.
You may need a shorter timeout if Internet traffic at your site is high. You may need a longer timeout if Internet traffic at your site is low. Please test changes before you deploy them in a production environment.
Click Add a DLP Server to add a Symantec DLP server.
In the DLP Server IP Address box, type the address of the Symantec DLP server.
In the DLP Port box, type the port number of the Symantec DLP server.
The Symantec DLP server communicates with the Symantec Web Gateway proxy over the ICAP protocol. The default value of ICAP protocol port is 1344, but you can change this value.
Repeat 4 through 6 to add additional Symantec DLP servers.
The maximum number of Symantec DLP servers that you can use is as follows:
If you enable SSL Deep Inspection
If you enable Domain Deep Inspection
Imported Document ID: HOWTO54173
Subscribing will provide email updates when this Article is updated. Login is required.